South African Web Host, Hetzner, Hit by Mega-Breach

South African Web Host, Hetzner, Hit by Mega-Breach

Johannesburg firm has 40,000 potentially affected customers on its list.

A major data center and web hosting Service Company based in Johannesburg, South Africa has been extremely compromised by hackers.

The South African based company wrote on Wednesday, that one of their key client portals called “konsoleH”, had unfortunately been accessed by the unknown cybercriminals. In a lengthy statement that they wrote 24 hours after the hacking incident, the company wrote that they were assuming all the customer data had unfortunately been exposed.

The Johannesburg Company said that they think the hackers had exploited the SQL injection vulnerability of the database. They also noted that they did not know how the accessed data would be used by the hackers. In their statement, the South African company called Hetzner said that all the admin passwords for the konsoleH database were encrypted, but the FTP passwords had proactively been updated because they were stored in plain text before.

The statement mentioned that they were going to delete all the plain text versions of the FTP and all the database passwords. They plan on encrypting all the systems, though they did note that the update was coming late for their clients. According to Hetzner, the details that the cybercriminals accessed included customer details, domain names, FTP passwords and unfortunately bank account details. However, no credit card details were stored in the portal, thankfully.

All customers were encouraged to update their account passwords. The incident is believed to influence both old and new customers of the database. The company claims that they provide services to 40,000 customers. And the company stressed out that they would not offer monetary compensation to any of the affected customers. The company did reiterate that they would offer customer assistance to any of their customers who had been affected.

The company wrote in their statement that even though there was no financial compensation being offered to clients, they were going to support their customers throughout the incident and they put in place a team working over the clock specifically for this. It also noted that they had hired forensic investigators who would help with identifying who the attackers were and what they wanted. The company said they were working towards gaining their customers trust as time goes on.

This is the second major database leak in South Africa in as many months. In another unrelated attack last month, another database leak which saw personal details for millions of citizens had been taken. The database hack had been done and released under the name, “Master_Deeds”. Hetzner confirmed that the two incidents were unrelated and they noted that the leaked files had been stored on one of their self-managed servers which were leased to one of the customers.

The incident of last month was revealed by Tefo Mohapi of the iAfrikan tech website and according to Troy Hunter, the database had at least 60 million records, a number higher than the actual population of South Africa which is 56 million. This is because the database included information on both dead and alive people.